Loading...
Toggle navigation
Home
About
About Journal
Editorial Board
Author Center
Current Issue
Just Accepted
Archive
Most Read Articles
Most Download Articles
Most Cited Articles
E-mail Alert
RSS
Reader Center
Online Submission
Manuscript Tracking
Instruction
Download
Review Center
Peer Review
Office Work
Editor-in-Chief
Subscription
Contact Us
中文
Table of Content
15 June 2017, Volume 3 Issue 6
Previous Issue
Next Issue
Digital Authentication Connecting the Trusted World
2017, 3(6): 482-493.
Asbtract
(
)
PDF
(4500KB) (
)
Related Articles
|
Metrics
Quantum Key Digital Certificate System and Its Application
2017, 3(6): 494-500.
Asbtract
(
)
PDF
(1447KB) (
)
References
|
Related Articles
|
Metrics
The security of classical network communication is mostly based on computational security, which is nonunconditional. The emergence of quantum key distribution (QKD) network based on physical security changes this situation. By means of quantum key distribution network generated quantum key, classical network data communication can achieve unconditional security. At present, the most effective information system authentication method is based on the identity authentication method of PKI (public key infrastructure). Its security depends on the security of public key encryption. The security of public key encryption is based on the complexity of large number decomposition. Based on the quantum cryptography network, a quantum key digital certificate system can be constructed by means of a trusted center, and a quantum key infrastructure (QKI) with quantum authentication mechanism (QCA) is established. Quantum key digital certificate in the identification and digital signature of the specific application methods.
Analysis of the Application of Cryptographic Algorithms in Eduroam
2017, 3(6): 501-509.
Asbtract
(
)
PDF
(1932KB) (
)
References
|
Related Articles
|
Metrics
Eduroam, i.e. the education roaming, provides secure global wireless access roaming service for research institutions and schools. Member in Eduroam alliance can access to WLAN in other organizations within the alliance using their account in their own institution as users are authenticated by authentication servers of users own institutions. Authentication process in Eduroam contains the following contents: the establishment of communication connections between two direct communication entities, how do communication protocols support authentication protocol, the trust fabric Eduroam choose to transmit packets between mobile devices and authentication servers, and the mutual authentication through which authentication servers and mobile devices authenticate each other. Cryptographic algorithms are used for various purpose, such as protecting authentication credential from disclosure, helping proxy servers establishing trust relationships. However, All of these cryptographic algorithms are international standard which may brings potential security compromise that we dont know. Replacing international cryptographic algorithms with national cryptographic algorithms can strength the security of authentication progress to a certain degree. And such replacement will not influence the authentication system at all. Although we cant change cryptographic algorithms supported by servers and access point outside our state, we can require domestic mobile devices and servers to support national cryptographic algorithms. That still make sense, especially in protecting authentication credential.
Fine-Grained Access Control and Audit Management in Big Data Environment
2017, 3(6): 509-516.
Asbtract
(
)
PDF
(2431KB) (
)
References
|
Related Articles
|
Metrics
Big data technology is getting more and more attention and is used more and more widely. It also led to concerns for the security of big data. Among all the security issues, this paper focuses on the problem of finegrained access control and audit management in the context of big data. Starting from the characteristics of 4V and distributed application of big data, this paper analyzes why previous access control methods couldnt adapt to the security requirements of big data, and proposes the basedonbehavior whole process finegrained access control and audit management solutions under the circumstances of big data, utilizing the 4A and security agent technology, as well as ABAC access control mechanism. The combination of inside and outside, realized in the big data environment, based on the behavior of the whole process management of finegrained access control and auditing of the solution.
Research of Electronic Invoice System Based on Block Chain
2017, 3(6): 516-522.
Asbtract
(
)
PDF
(3190KB) (
)
References
|
Related Articles
|
Metrics
The largescale application of electronic invoices has promoted the development of economy and society, but there are also some problems, such as repeated reimbursement of electronic invoices and so on. The practical problems can be effectively solved by the application of block chain technology in electronic invoices, then the four characteristicsthat of sharing, of right confirmation, of authenticity, and of trust of electronic invoice data are provided. The application situation of the electronic invoice is introduced, the block chain technology is expounded, and the key technical problems of the application of the block chain in the electronic invoice are described. Finally, the electronic invoice system based on block chain is designed and researched.
A PrivacyPreserving Data Aggregation Algorithm in Wireless Sensor Networks
2017, 3(6): 523-528.
Asbtract
(
)
PDF
(701KB) (
)
References
|
Related Articles
|
Metrics
With the practical application in wireless sensor networks, data aggregation technique becomes one of the most important research areas. However, Wireless sensor networks are always deployed in remote and hostile environments to transmit sensitive information, in which sensor nodes are apt to encounter some serious leakage of sensitive data in data aggregation. Hence, privacy preservation is becoming an increasingly important issue in security data aggregation for wireless sensor networks. Therefore, the algorithms of privacy security, whichis based on data aggregation in wireless sensor network, are studied. Meanwhile, the privacypreserving data aggregation models are researched. At present, there are two main privacypreserving methods are studied, which are hopbyhop encryption method and endtoend encryption method. In hopbyhop encryption method, the SMART (slicemixed aggregation) algorithm is representative. However, this algorithm destroys the raw data of each sensor node, which make the fusion center couldnt restore the raw data in each sensor node. In endtoend encryption method, ECC (elliptic curve cryptography) based homomorphic encryption algorithms are able to restore the fusion data to some extent. Therefore, a novel privacypreserving data aggregation algorithm (ECCSMART) is proposed, which combines the ECC algorithm and SMART algorithm. The proposed althrithm can restore the sliced data in fusion center, and enhance the security of the wireless sensor networks.
Application of Trusted Third Party Authentication in Smart Home
2017, 3(6): 528-532.
Asbtract
(
)
PDF
(1271KB) (
)
References
|
Related Articles
|
Metrics
Smart Home products in the use of remote control is easy to be hijacked, local control easily invaded, which causes many other security risks. Making use of trusted thirdparty authentication technology in the Smart Home products, establishing trust relationships of Smart Home products, users mobile devices and services platform that is trusted cloud platform , thirdparty mutual trust based on mature PKI technology, asymmetric algorithm for the core technology to ensure that Smart home products only execute user instructions which are authenticated by trusted cloud platform . The deployment of Smart Home products is divided into the overall home product and intelligent single product, in the use of local control and remote control, different situations require trusted thirdparty authentication to ensure product security. In order to reduce the cost while adding a trusted thirdparty authentication mechanism, the protocol transformation on the basis of the MQTT protocol is also the best practice for the rapid application of the authentication technology to the smart home industry.
Research on the Development Trend of Identity Authentication Technology Based on Face Biometrics
2017, 3(6): 533-537.
Asbtract
(
)
PDF
(834KB) (
)
References
|
Related Articles
|
Metrics
生物识别技术在近几年得到了迅猛发展,特别是在笔记本电脑、手机等消费电子领域及门禁管理、金融银行等各个领域得到广泛应用.生物特征识别技术对传统身份识别技术产生巨大威胁.阐述了基于生物的特征识别技术相对于传统生物特征识别方法所具有的优势,并以人脸识别技术为例将人脸识别的发展按其特征选取方式分为4个阶段,分析和比较了不同阶段人脸识别方法的特点及成果,并针对目前人脸识别技术发展现状详细提出几个问题,并探讨了已有的生物特征识别存在的问题和未来的研究趋势.
Research on SSL/TLS Protocol Configuration Security Assessment Model Based on Fuzzy Comprehensive Analysis
2017, 3(6): 538-547.
Asbtract
(
)
PDF
(1124KB) (
)
References
|
Related Articles
|
Metrics
The SSLTLS protocol is a standard for encrypted network communication. However, due to the complexity of the SSLTLS protocol, Web sites are prone to various security vulnerabilities when implementing and deploying SSLTLS protocols. We feel that there is surprisingly little attention paid to how SSL is configured, given its widespread usage in the Web sites. Based on the detailed analysis of the characteristics and influencing factors of Web sites security assessment, this paper puts forward a new definition of Web sites security level, and combined the analytical hierarchy process (AHP) with fuzzy comprehensive analysis method to construct a Web site security assessment model based on AHPfuzzy comprehensive analysis. Then we apply the model to the actual sites evaluation. By contrast to the evaluation results of Qualys SSL Labs and HighTech, we found that this model can better solve the following issues in the existing evaluation system: security level is not clear, ignoring the 3DES insecure cipher suites and critical expansion OCSP Stapling and so on, so as to better illustrate the validity and accuracy of the model.
Research and Design of E-Government Authentication Service System Interconnection Platform
2017, 3(6): 548-553.
Asbtract
(
)
PDF
(2089KB) (
)
References
|
Related Articles
|
Metrics
At present, Chinas egovernment network has the problems of poor connectivity and low sharing, in order to strengthen the interconnection and intercommunication in the egovernment field, this paper puts forward the idea of construction and improvement of accelerated electronic certification mutual recognition platform. It can be regarded as one of the effective paths to improve the credible network space in China. On the basis of explaining the present situation of our countrys electronic certification service industry, and combining the basic situation of our country, the construction form and method of electronic certification mutual recognition platform are studied and analyzed, to improve the quality of electronic authentication services system interconnection platform.egovernment; electronic authentication; interconnection; mutual recognition platform; CA
The Construction and Application of the Cloud Authentication Service Mode on Chinese Center for Disease Control and Prevention Information System
2017, 3(6): 554-559.
Asbtract
(
)
PDF
(2121KB) (
)
References
|
Related Articles
|
Metrics
This paper provides twofactor login authentication method based on digital certificate for Chinese center for disease control and prevention information system registered users, based on digital certificate, establishes a highsecurity and highly reliable identity authentication management mechanism through the establishment of cloud electronic authentication service platform. Thus it can prevent the hidden dangers of account information leakage. At the same time, it also describes how to build multi CA mutual trust mechanism. In order to solve the problem of mutual recognition of digital certificates in different CA institutions to achieve cross regional data transmission and sharing issues, support the analysis of different CA certificates, certificate file storage, certificate query verification of the unity.
Cyber Range Based Security Analysis of DNC Protocol
2017, 3(6): 560-567.
Asbtract
(
)
PDF
(4218KB) (
)
References
|
Related Articles
|
Metrics
Widely available, lowcost Internet Protocol (IP) devices are now replacing specialized proprietary control protocols in Distributed Numerical Control (DNC) system, which increases the possibility of cyber security vulnerabilities and incidents. In order to analyze the security of protocol in DNC system, in this paper, a cyber range technique for building DNC system is proposed. The potential risks against DNC system are then revealed based on the security analysis on the acquired boundary protocol. Respective to the risks, the boundary protection policies are formulated at last, suggesting the protection measures taken for real manufacturing industry.
Cybersecurity Law Starting up the New Era of Cyber Legislation in China
2017, 3(6): 568-572.
Asbtract
(
)
PDF
(2100KB) (
)
Related Articles
|
Metrics
The “2.0-Era” of Certifcation and Authentication Techniques
2017, 3(6): 573-576.
Asbtract
(
)
PDF
(1380KB) (
)
Related Articles
|
Metrics
Author Center
Online Submission
Instruction
Template
Copyright Agreement
Review Center
Peer Review
Editor Work
Editor-in-Chief
Office Work
